It also doesn’t ship with ISP backdoors or ISP remote management crap that can be a big attack vector. Just about every ISP router I’ve looked at has some hardcoded super admin password or secret unauthenticated paths to access hidden settings.
Custom firmware ships with plain web UI and/or SSH only from the LAN side (or even specific VLAN), so right off the start there isn’t a whole lot of potentially exploitable surface. And the community actually cares.
It also doesn’t ship with ISP backdoors or ISP remote management crap that can be a big attack vector. Just about every ISP router I’ve looked at has some hardcoded super admin password or secret unauthenticated paths to access hidden settings.
Custom firmware ships with plain web UI and/or SSH only from the LAN side (or even specific VLAN), so right off the start there isn’t a whole lot of potentially exploitable surface. And the community actually cares.